| Enterprises nowadays are facing increasingly complex laws and regulations supervision and compliance environment. The enterprise's software projects must simultaneously satisfy the multiple laws and regulations compliance requirements. How to establish a set of framework for the software project total life cycle management to ensure that enterprise's software projects dynamically adapt to constantly changing laws and regulations supervision and the compliance environment would be a valuable research topic.The software project total life cycle management is the object of this thesis. Constructing the total life cycle management framework of software project for compliance, and the quantitative evaluation for the regulations compliance on each software project stage are the research objectives of this thesis.This thesis first conducted the research and summary in the aspects of the laws and regulations compliance's concept, the relationships between the regulations compliance and the software project. And on this basis, surrounding the enterprise software project total life cycle management, from the "structure" point of view, this thesis proposed and constructed the framework of the software project total life cycle management for compliance to meet the ongoing laws and regulations' requirements.The overall framework of the software project total life cycle management for compliance that this thesis constructed, is divided into six layers from top to bottom, a total of eight dimensions in a nutshell view of the three, namely, governance view, process view and implementation view. Under the governance view, the framework in turn includes the corporate governance layer, the IT governance layer, the enterprise architecture and the project governance layer. Following the process view is the software life-cycle processes layer. Under the view of implementation, the framework includes the methodology dimension for compliance, the key elements for compliance and the tools for compliance. The overall framework is layered, sufficiently referred and integrated the international mature standards, the models and the best practice, and fully taken into account the various types of standard complementarities. With regard to the framework tailoring and its application, this thesis proposed the "three-step-walk" strategy to tailor the project's own definition of the software total life cycle management processes, and map the compliance governance's focus and content into the processes and activities, intuitively identify on the flowchart, so as to initiatively comply and continuously improve in the software project total life cycle process for complying with laws and regulations' requirements.In aspect of the compliance evaluation of the software project, this thesis tried to use GQM method to break down and construct the index set of compliance evaluation, to achieve the quantitative evaluation for the regulations compliance on each software project stage by organically combining the fuzzy comprehensive evaluation method with AHP method, aimed to ensure that software project managers are able to use the quantitative evaluation to initiatively conduct the self-evaluation and improvement for the compliance in the software project total life cycle processes.Finally, the thesis selected and analyzed the SOX Act compliance practice for the Company A's software projects, demonstrated an effective method for the improved IT governance and the software project total life cycle management for compliance, so as to provide domestic enterprises a better reference and guidance to the software project management for compliance with the laws and regulations. |
PDF Full Text Request